I know there is a way to monitor which PC is doing the downloading and how much bandwidth it is using from the server, but is there a way to find out what the culprit machine is browsing/downloading without physically going to the culprit machine on the network?

Yep, I seen it when I sure my intership at the hospital. It was like remote desktop, but he was able to monitor any computer in the network and even take full control of it and I think block you out. Then there are server files that always keep track of where you are

You need something that encrypts from end to end - like https vs http.

The only way to do this without installing software is to use something like a VPN. This will encrypt everything between your machine and the VPN server. However it's hard to find fast, reliable free vpns. Generally you will have to use a commercial service. The good news is that they aren't that expensive if you shop around.

Foxconn Blackops (24 pin connector is loose so power cable has to be plugged in just right)

Cooling:

Thermalright Ultra 120

Memory:

4x 2Gb Crucial Ballistix 7-7-7-9

Video Card(s):

EVGA GTX 570 SC (running below stock due to stability issues)

Hard Disk(s):

1 x 320 GB Seagate 7200 rpm SATA 3 (Very slow)

Optical Drive:

LG DVD-RW 24x (yes, I still use an optical drive)

LCD/CRT Model:

Samsung 24inch 1920x1080

Case:

Cooler Master ATX Mid Tower Something Something

Sound Card:

Diamond Extreme 7.1 24bit (New and the audio out connector is already shot)

Power Supply:

PC Power and Cooling 700 W (refurbished)

Software:

Windows 8.1 (for games)

is it possible for a server admin to know what a user is browsing on the network? yes of course. the question though should be legal in nature and not technical. if you work for a private company and you are worried that perhaps you have been browsing illegal or inappropriate material while on their network you should look into their privacy policy. most private companies consider the network "theirs" and do not give the impression to their employees that they are provided a level of privacy. public institutions though like state schools and possibly public hospitals will almost never look into what an employee has been doing since it is public and considered protected.

so if you looked at some pron and think you will be fired check out your companies privacy policy and find yourself a good lawyer. even if you did something bad you may actually be able to win out in a lawsuit if your employer illegally spied on you.

You need something that encrypts from end to end - like https vs http.

The only way to do this without installing software is to use something like a VPN. This will encrypt everything between your machine and the VPN server. However it's hard to find fast, reliable free vpns. Generally you will have to use a commercial service. The good news is that they aren't that expensive if you shop around.

Click to expand...

I guess this is why I was running around in circles when trying to figure out what computer was downloading what via windows server trying to find out what computer was downloading what without being blatantly obvious.

Windows server alone is not capable of what I am trying to do.

It appears the perpetrator is as safe from me knowing what they have been downloading through the server if their security settings are at default.

Only knowing the bandwidth downloaded during that time.

Hopefully I can get the senior network admin to install some third party software.
Unfortunately the senior admin thinks anything anyone installs on the network which is not his idea will mess it up beyond repair.

is it possible for a server admin to know what a user is browsing on the network? yes of course. the question though should be legal in nature and not technical. if you work for a private company and you are worried that perhaps you have been browsing illegal or inappropriate material while on their network you should look into their privacy policy. most private companies consider the network "theirs" and do not give the impression to their employees that they are provided a level of privacy. public institutions though like state schools and possibly public hospitals will almost never look into what an employee has been doing since it is public and considered protected.

so if you looked at some pron and think you will be fired check out your companies privacy policy and find yourself a good lawyer. even if you did something bad you may actually be able to win out in a lawsuit if your employer illegally spied on you.

Click to expand...

I know they log searches, and can watch your screen/lock your pc at my school, a few kids have been busted for going on facebook and such, you are never safe, they are watching.

I know they log searches, and can watch your screen/lock your pc at my school, a few kids have been busted for going on facebook and such, you are never safe, they are watching.

Click to expand...

with windows active directory, everything can be logged very easily. linux admins have to do more work which is why most places just setup a domain controller and have all of the PCs on the network log in to the domain with a users log/pass. from there the admins can completely control the PC. this is why the question should be legal in nature. every corporation, institution has their own policy regarding employee or student privacy.

Solarwinds make a whole plethora of applications that you can use to track this information, although it doesn't come cheap. A much easier option would be to simply block all the ports on the firewall and force everyone to browse through a proxy server. That way everything they do is logged and everything that attempts to go directly to the web gets blocked.

If a proxy server isn't practical then block all unneccessary ports. You should do this anyway, not blocking unused ports is akin to locking the front door but leaving the backdoor and windows wide open.

Alternately having a look at the UPnP port list on the router should quickly show the source IP of the torrenting demon. The port should be a rather high number, normally it will also use the same port on both TCP and UDP traffic, which makes it easier to spot.

Windows server will only have a record of what is accessed from THAT server (provided auditing is setup to do so). Your network admin should be able to identify and resolve this extremely quickly if he is half competent.

I guess the assumption with the senior network admin, is these kids only know facebook and youtube so adding a third party app which is going to cost would be a waste of money as where I live, we don't get many computer savvy people around.

Especially where I'm designated to give a hand but in a way which costs $0.